Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/A-cG9_VLTkbphCfs69AUhiirqHg.roa
File: A-cG9_VLTkbphCfs69AUhiirqHg.roa (raw, json)
Hash identifier: t1BknoTJdcFpSWtNoZoHuIOq9kUcPBsqmM7WgqQbhUw=
Subject key identifier: 03:E7:06:F7:F5:4B:4E:46:E9:84:27:EC:EB:D0:14:86:28:AB:A8:78
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 0194F6E4E177E00795508199DEF2C653D0B9
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/A-cG9_VLTkbphCfs69AUhiirqHg.roa
Signing time: Tue 11 Feb 2025 21:23:02 +0000
ROA not before: Tue 11 Feb 2025 21:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208661
IP address blocks: 2a0c:b6c3::/32 maxlen: 32
2a0c:b6c4::/32 maxlen: 32
2a0c:b6c5::/32 maxlen: 32
2a0c:b6c6::/32 maxlen: 32
2a0c:b6c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:18:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f6:e4:e1:77:e0:07:95:50:81:99:de:f2:c6:53:d0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: Feb 11 21:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03e706f7f54b4e46e98427ecebd0148628aba878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f4:99:c5:47:5a:c6:bc:92:3c:0c:c0:78:24:
0d:d0:44:2f:42:4a:54:ba:3e:8b:81:4f:d3:a9:f9:
cd:a2:47:21:85:59:70:ae:37:e2:00:24:9e:df:64:
d0:bd:49:fa:d9:2e:dc:fc:89:19:7f:79:1f:42:c3:
9b:17:4f:1c:e6:57:fa:d4:5e:aa:50:db:c5:49:19:
06:f4:75:f7:3d:51:45:cd:29:1e:45:ec:c3:b7:d3:
aa:e0:a9:9a:33:28:f5:e5:fc:74:d1:5f:b2:c2:70:
83:c0:8a:f6:e7:4b:17:61:f2:0e:f8:f2:62:c2:09:
07:83:ce:de:15:e4:f6:40:aa:b7:d6:9d:1f:aa:ee:
96:6e:75:fc:6a:50:d0:19:70:a6:90:5f:86:41:82:
db:f2:e3:9a:39:a8:e5:16:7e:bb:bf:70:d8:8a:6e:
4f:7c:9c:96:d0:79:cd:5c:39:41:2a:60:65:3e:69:
dc:9a:71:a4:9b:3e:ac:33:92:cd:eb:7f:93:d9:54:
8a:ec:0f:96:ed:ba:8d:5c:48:6e:12:ba:96:ac:d8:
36:9a:c2:21:b6:51:51:d1:8a:d0:a0:53:13:6f:f3:
98:01:bb:e6:0d:9b:7f:c3:19:76:eb:d9:60:d5:6f:
63:9a:5a:3f:c4:1c:6c:5d:35:cb:8e:de:48:1c:3e:
fe:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E7:06:F7:F5:4B:4E:46:E9:84:27:EC:EB:D0:14:86:28:AB:A8:78
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/A-cG9_VLTkbphCfs69AUhiirqHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b6c3::-2a0c:b6c7:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a2:88:ad:dd:ba:42:07:ce:bd:08:86:40:2f:e7:65:21:51:59:
0d:7c:ca:4b:1a:75:71:06:f0:f9:32:f6:d9:15:57:18:cb:1a:
ca:d8:a3:d3:90:5f:2e:89:ff:60:26:f8:19:ff:48:ad:f7:81:
a0:98:33:69:c7:b6:22:59:ff:58:66:e8:97:45:6a:36:71:75:
c4:c9:c2:3d:13:96:3c:fd:f4:90:a9:44:7c:06:a1:c1:15:8c:
7d:e1:91:19:a8:e7:d2:61:63:32:08:78:16:bd:71:41:26:02:
64:10:34:2a:5e:dc:cb:28:8e:b4:36:66:26:5a:01:55:67:1b:
06:c1:14:c4:97:3e:33:58:9c:9f:81:f0:79:2c:ba:a0:40:3a:
08:43:74:7f:9b:0e:fc:c4:75:d4:cb:23:9a:03:06:c7:58:8f:
34:1c:a2:9c:33:d2:7c:b3:aa:49:85:d3:fb:ea:23:4d:b0:bb:
b0:4e:44:9c:90:26:62:f4:2c:47:59:2d:ef:67:69:e4:2d:ce:
5e:db:5c:6e:f0:ac:e4:2b:26:2d:5f:c5:5b:e7:9e:21:ca:d0:
1d:16:ee:bd:89:bc:e6:0a:32:7a:30:bd:d1:f2:7e:46:7e:ef:
c5:9a:7b:dc:0f:e2:bf:42:52:ba:5d:73:fd:d9:e8:45:51:a6:
3f:f3:e1:78
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZT25OF34AeVUIGZ3vLGU9C5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjUwMjExMjEyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2U3MDZmN2Y1NGI0ZTQ2ZTk4NDI3ZWNlYmQwMTQ4NjI4YWJhODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvSZxUdaxrySPAzAeCQN0EQvQkpU
uj6LgU/TqfnNokchhVlwrjfiACSe32TQvUn62S7c/IkZf3kfQsObF08c5lf61F6q
UNvFSRkG9HX3PVFFzSkeRezDt9Oq4KmaMyj15fx00V+ywnCDwIr250sXYfIO+PJi
wgkHg87eFeT2QKq31p0fqu6WbnX8alDQGXCmkF+GQYLb8uOaOajlFn67v3DYim5P
fJyW0HnNXDlBKmBlPmncmnGkmz6sM5LN63+T2VSK7A+W7bqNXEhuErqWrNg2msIh
tlFR0YrQoFMTb/OYAbvmDZt/wxl269lg1W9jmlo/xBxsXTXLjt5IHD7+5wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFAPnBvf1S05G6YQn7OvQFIYoq6h4MB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvQS1jRzlfVkxUa2JwaENmczY5QVVoaWlycUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDLbD
AwUDKgy2wDANBgkqhkiG9w0BAQsFAAOCAQEAooit3bpCB869CIZAL+dlIVFZDXzK
Sxp1cQbw+TL22RVXGMsaytij05BfLon/YCb4Gf9IrfeBoJgzace2Iln/WGbol0Vq
NnF1xMnCPROWPP30kKlEfAahwRWMfeGRGajn0mFjMgh4Fr1xQSYCZBA0Kl7cyyiO
tDZmJloBVWcbBsEUxJc+M1icn4HweSy6oEA6CEN0f5sO/MR11MsjmgMGx1iPNByi
nDPSfLOqSYXT++ojTbC7sE5EnJAmYvQsR1kt72dp5C3OXttcbvCs5CsmLV/FW+ee
IcrQHRbuvYm85goyejC90fJ+Rn7vxZp73A/iv0JSul1z/dnoRVGmP/PheA==
-----END CERTIFICATE-----
Generated at Thu Apr 10 20:23:39 2025 by rpki-client